On May 25, 2018 the General Data Protection Regulation went into effect (GDPR)in Europe. This new set of rules was established to improve privacy rights, giving internet users more power over the information and data that is shared about them. These rules have an impact on all businesses across Europe that utilize technology and software housing consumer data. Specifically, GDPR has a direct influence on hospitals and facilities that use medical devices and health care marketing strategies.
Similarly, the state of California passed its own law, the California Consumer Privacy Act (CCPA), to protect online privacy. In its current form, the CCPA states that users have the right to know what kind of information companies are collecting about them, why they’re interested in this data and how they’re sharing it, according to the New York Times. While the CCPA is currently being amended and won’t be enforced until sometime in 2020, change is certainly coming.
While both the GDPR and CCPA are serious benchmarks in the world of privacy, companies marketing to US consumers are not yet impacted by such regulations. However, GDPR should be considered a warning to healthcare marketers across the country; a wake-up call to get marketing strategy policies in order before a likely “Federal GDPR Lite” law is enacted.
If a regulation similar to GDPR goes into effect in the U.S., here’s how it can make a direct impression on your marketing strategy in health care:
Lead generation development
According to Brad Kostka, a contributor of Crain’s Cleveland Business, lead generation via inbound marketing is still a possibility, but you would need to be more cognizant of consent as it’s a critical step before collecting personal data from patients and consumers.
“Lead generation via inbound marketing is still a possibility.”
“This involves using simplified language to clearly outline what data is being collected and why, then provide a call to action, such as a checkbox, that prompts a user to give informed consent,” he wrote. “Pre-checked boxes and automatic opt-ins are prohibited.”
Managing your database
Your database could be subject to audits to ensure you’re complying with standards similar to GDPR, so it’s important to make sure your records are well managed, organized and accurate. Your database should be in great shape for routine – and random – auditing. Transparency is key.
Utilizing social media
GDPR has changed the way users provide personal information via social media. A similar law brought to the U.S. can ultimately impact your health care marketing scheme if you’re using sites like Facebook to advertise, gather and relay data to consumers. Users have the ability to evaluate and select how the site uses personal information for advertising, which may have a direct impact on your company’s marketing strategy.
Instead of utilizing social media sites like Facebook to help you find your target audience, sticking to an email marketing strategy and displaying your business’ social media links in your signature offers a quick fix. This gives patients and consumers the ability to get to know you on their own without feeling an invasion of privacy when you reach out to them on their social media accounts.
While immediate changes are not being made in regard to privacy regulations, hospital marketers would benefit from learning how to shift with compliance trends to ensure safety and security for consumers in the future. Understanding best practices based on specific areas of your marketing strategy will keep your data healthy. At HealthLink Dimensions, we can provide data services to help clean and standardize data to comply with protection standards that could impact your business in the future. Finally, you can learn more about how current regulations impact US healthcare marketers in our recent blog.
We will be monitoring and providing updates to changing to laws and regulations that affect US marketers so don’t forget to sign up for news that affects you on the top-right corner of this page.